An issue found in TCPprep v.4.4.3 allows a remote malicious user to cause a denial of service via the macinstring function.
broadcom tcpreplay 4.4.3